适用于Eclipse 2.0的AWS Toolkit IAM角色支持吗? [英] AWS Toolkit for Eclipse 2.0 IAM role support?
问题描述
我正在使用适用于Eclipse 2.0的AWS工具包.使用选项(窗口->首选项-> aws工具包),我已经配置了IAM/登录用户api访问密钥ID和秘密访问密钥.根据我们的aws配置,该IAM用户必须承担角色才能查看/访问我们环境中的任何资源.
I am using aws toolkit for eclipse 2.0. using the options ( window -> preference -> aws toolkit) I have configured IAM/login user api access key id and secret access key. According to our aws configuration, this IAM user has to assume role to view/access any resources in our environment.
我能够使用不同的配置文件访问AWS CLI.在凭证文件中,我定义了一个[配置文件]部分,其中包含aws秘密密钥和访问密钥.
I am able to access AWS CLI with different profiles. In a credentials file I define a [profile] section with the aws secret key and access key.
然后在配置文件中定义一个[profile< profile_name>]部分,并使用source_profile =< profile_name>引用它
Then in the config file I define a [profile <profile_name>] section and reference it with source_profile=<profile_name>
在Eclipse的AWS Toolkit 2.0中似乎没有认识到这一点?我什至尝试将配置文件部分从配置文件复制并粘贴到凭据文件,但仍然无法正常工作?
This doesn't seem to be recognized in AWS Toolkit 2.0 for eclipse? I even tried copying and pasting the profile section from the config file to the credentials file and it still doesn't work?
awstk 2.0是否不支持切换/承担登录角色?
Does awstk 2.0 not support switching / assuming roles for a login?
推荐答案
好像我在AWS专家的帮助下找到了解决方案.基本上,您要做两件事:
Looks like I figured it out with help from an AWS expert. Basically you do 2 things:
- 生成一个AWS STS会话令牌
- 使用会话令牌"您的IDE中的值.
示例:aws sts假设角色--role-arn --role-session-name --duration-seconds
Example: aws sts assume-role --role-arn --role-session-name --duration-seconds
在Eclipse IDE AWS配置文件中输入为这些生成的值:
put in the values generated for these in your eclipse IDE AWS profile:
AccessKeyId
SecretAccessKey
SessionToken
您还可以通过在AWS CLI上使用此命令来使用SAML断言
You can also use a SAML assertion by using this command on the AWS CLI
aws sts assume-role-with-saml --role-arn <value> --principal-arn <value> --saml-assertion <value>
注意:最大会话长度由您正在使用的角色定义.
Note: the max session length is defined by the role you're using.
这篇关于适用于Eclipse 2.0的AWS Toolkit IAM角色支持吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
